improvements

8 files changed, 28 insertions, 23 deletions

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..af2efef
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,12 @@
+*~
+*.save
+*-journal
+*.db
+*.sqlite
+*.swp
+
+_setup.php
+piwik.html
+favicon.ico
+
+tmp/
diff --git a/action.php b/action.php
index a52d471..6af6fe6 100644
--- a/action.php
+++ b/action.php
@@ -115,7 +115,8 @@ switch($_GET["task"]){
 		if ( $result = $db->doQuery($sql) ){
 			header($_SERVER["SERVER_PROTOCOL"] . " 302 Moved");
 			header("Location: /?page=" . $_GET["goto"]);
-			$c->flush($_GET["_flush"]);
+			//$c->flush($_GET["_flush"]);
+			$c->flush();
 		}
 		break;
 	case("account"):
diff --git a/class/.user.php.swp b/class/.user.php.swp
deleted file mode 100644
index 3864e3f..0000000
--- a/class/.user.php.swp
+++ /dev/null
diff --git a/class/user.php b/class/user.php
index 969d734..1e3bfb3 100644
--- a/class/user.php
+++ b/class/user.php
@@ -110,8 +110,8 @@ class jg {
 	public function logout(){
 
 		# no session active, so return false
-		if ( session_status() != PHP_SESSION_ACTIVE )	
-			return false;
+		//if ( session_status() != PHP_SESSION_ACTIVE )	
+		//	return false;
 
 		# set login to false
 		$this->login = false;
diff --git a/functions.php b/functions.php
index 3e937d2..659241a 100644
--- a/functions.php
+++ b/functions.php
@@ -111,6 +111,10 @@ else
 function print_logout(){
 	global $user;
 	$user->logout();
+	/*
+	global $c;
+	$c->flush();
+	*/
 	print_login("logout");
 }
 
@@ -128,12 +132,14 @@ function print_index(){
 		<p>Wir treffen uns immer Donnerstags um 19:30 Uhr in der Remise Arndtstraße 12a.</p>
 		<p>Am besten sind wir über unsere <span id="mail"><strong>Aktiviere JavaScript um die E-Mail Adresse zu sehen!</strong></span> erreichbar.</p>
 	</div>
+	<script type='text/javascript'>var a = new Array('s.de','iamfabulou','nde@lists.','jungegemei');document.getElementById('mail').innerHTML="<a href='mailto:"+a[3]+a[2]+a[1]+a[0]+"'>E-Mail Adresse</a>";</script>
 <?php
 }
 
 function print_list($option = false){
 	lredirect("liste");
 	global $db;
+	global $c;
 
 	$result = $db->doQuery("SELECT * FROM " . DBPREFIX . "member;");
 ?>
@@ -186,7 +192,7 @@ function print_list($option = false){
 		</tbody>
 	</table>
 	</div>
-	<form method="POST" action="/?page=add">
+	<form method="POST" action="/?page=add&_flush="<?php echo $c->token; ?>>
 		<button id="singlebutton" class="btn btn-info" type="submit">Füge jemanden hinzu</button>
 	</form>
 </div>
@@ -257,7 +263,7 @@ function print_add_entry_to_list(){
 		<h1>Füge die Daten hinzu</h1>
 	</div>
 		<div class="row">
-			<form method='POST' action='/?page=action&task=add&goto=liste&_flush=<?php echo $c->token; ?>'>
+			<form method='POST' action='/?page=action&task=add&goto=liste&_flush=<?php echo htmlentities($_GET["_flush"]); ?>'>
 			<div class="table-responsive">
 				<table class='table'>
 					<thead>
@@ -397,7 +403,7 @@ function print_register($option = false){
 <div class="form-group">
   <label class="col-md-4 control-label" for="key">Key*</label>  
   <div class="col-md-4">
-  <input id="key" name="key" placeholder="Schlüssel (Pflicht)" class="form-control input-md" required="" type="text">
+  <input id="key" name="key" placeholder="Schlüssel (Pflicht)" class="form-control input-md" required="" type="password">
   <span class="help-block">Du solltest den Schlüssel in einer Mail bekommen haben.</span>  
   </div>
 </div>
diff --git a/index.php b/index.php
index 21cbda7..3a5a4df 100644
--- a/index.php
+++ b/index.php
@@ -17,7 +17,7 @@ if ( isset($_SESSION["loggedin"]) && $_SESSION["loggedin"]){
 	$a = "0_";
 }
 
-if ( $_SERVER["REQUEST_METHOD"] == "GET" && $_SERVER["REDIRECT_STATUS"] == 200 && strpos($_SERVER["QUERY_STRING"], "account") === false ) {
+if ( $_SERVER["REQUEST_METHOD"] == "GET" && $_SERVER["REDIRECT_STATUS"] == 200 && strpos($_SERVER["QUERY_STRING"], "account") === false && strpos($_SERVER["QUERY_STRING"], "logout") === false) {
 	$token = $c->getToken($_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]. $_SERVER["QUERY_STRING"], $a);
 	if ( $c->exists($token)){
 		header("X-Cache: Hit");
@@ -47,10 +47,10 @@ $user = new jg($u);
 
 	echo "<style>" . file_get_contents('static/style.min.css');?>
 	.dl-horizontal dt{white-space: normal;} .btn-info{background-color:#3083D6;} .img-responsive{margin: 0 auto;} @-moz-document url-prefix() { fieldset { display: table-cell; } }</style>
+	<noscript><style>.navbar{margin-bottom:0;}</style></noscript>
 	<title>Junge Gemeinde Adlershof</title>
 	<link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'>
 	<meta name="viewport" content="width=device-width, initial-scale=1.0">
-	<noscript><style>.navbar{margin-bottom:0;}</style></noscript>
 </head>
 <?php
 require_once 'static/header.php';
diff --git a/setup.php b/setup.php
deleted file mode 100755
index 018781d..0000000
--- a/setup.php
+++ /dev/null
@@ -1,13 +0,0 @@
-<?php
-# init file to set up the database
-# TODO: pretty html
-
-$db = new db();
-$db->createTables();
-$db->close();
-
-echo "<p>Successfully created the database.</p>";
-
-# rename this file to avoid setting up the tables twice
-rename(ABSPATH . 'setup.php', ABSPATH . '_setup.php');
-exit;
diff --git a/static/footer.php b/static/footer.php
index 2c6a6cf..d786d68 100755
--- a/static/footer.php
+++ b/static/footer.php
@@ -3,11 +3,10 @@
 				<p>  Copyright 2014 <a id="copyright-text" href="//www.moehm.org/" target="_blank">Maximilian M&ouml;hring</a></p>
 			</div>
 		</div>
-		<script type='text/javascript'>var a = new Array('s.de','iamfabulou','nde@lists.','jungegemei');document.getElementById('mail').innerHTML="<a href='mailto:"+a[3]+a[2]+a[1]+a[0]+"'>E-Mail Adresse</a>";</script>
 		<script src="//code.jquery.com/jquery-1.10.1.min.js" defer></script>
 		<script src="//maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js" defer></script>
 		<?php //<script src='/boring.js' defer></script> ?>
-		<?php //include("piwik.html"); ?>
+		<?php include("static/piwik.html"); ?>
 	</body>
 </html>